From c8896847f0b3d503fde50d023ee5407ebeec5685 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ole=20Andr=C3=A9=20Vadla=20Ravn=C3=A5s?=
 <oleavr@nowsecure.com>
Date: Tue, 22 Sep 2015 00:47:29 +0200
Subject: [PATCH] Fix xnu_reg_write() on iOS arm and arm64

---
 libr/debug/p/native/xnu/xnu_debug.c | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/libr/debug/p/native/xnu/xnu_debug.c b/libr/debug/p/native/xnu/xnu_debug.c
index c3b000f5e8..444eb40b91 100644
--- a/libr/debug/p/native/xnu/xnu_debug.c
+++ b/libr/debug/p/native/xnu/xnu_debug.c
@@ -167,7 +167,6 @@ const char *xnu_reg_profile(RDebug *dbg) {
 int xnu_reg_write(RDebug *dbg, int type, const ut8 *buf, int size) {
 	thread_array_t inferior_threads = NULL;
 	unsigned int inferior_thread_count = 0;
-	R_DEBUG_REG_T *regs = (R_DEBUG_REG_T*)buf;
 	unsigned int gp_count = R_DEBUG_STATE_SZ;
 	int ret = task_threads (pid_to_task (dbg->pid),
 		&inferior_threads, &inferior_thread_count);
@@ -179,10 +178,11 @@ int xnu_reg_write(RDebug *dbg, int type, const ut8 *buf, int size) {
 
 	/* TODO: thread cannot be selected */
 	if (inferior_thread_count > 0) {
-		gp_count = ((dbg->bits == R_SYS_BITS_64)) ? 44 : 16;
 		// XXX: kinda spaguetti coz multi-arch
 		int tid = inferior_threads[0];
 #if __i386__ || __x86_64__
+		R_DEBUG_REG_T *regs = (R_DEBUG_REG_T*)buf;
+		gp_count = ((dbg->bits == R_SYS_BITS_64)) ? 44 : 16;
 		switch (type) {
 		case R_REG_TYPE_DRX:
 			ret = THREAD_SET_STATE ((dbg->bits == R_SYS_BITS_64) ?
@@ -194,10 +194,21 @@ int xnu_reg_write(RDebug *dbg, int type, const ut8 *buf, int size) {
 			break;
 		}
 #elif __arm__ || __arm64__ || __aarch64__
-		gp_count = R_DEBUG_STATE_SZ;
-		ret = THREAD_SET_STATE (ARM_UNIFIED_THREAD_STATE);
+		arm_unified_thread_state_t state;
+		R_DEBUG_REG_T *regs = &state;
+		memset (&state, 0, sizeof (state));
+		if (dbg->bits == R_SYS_BITS_64) {
+			state.ash.flavor = ARM_THREAD_STATE64;
+			memcpy (&state.ts_64, buf,
+				MIN (sizeof (state.ts_64), size));
+		} else {
+			state.ash.flavor = ARM_THREAD_STATE32;
+			memcpy (&state.ts_32, buf,
+				MIN (sizeof (state.ts_32), size));
+		}
+		ret = THREAD_SET_STATE (R_DEBUG_STATE_T);
 #else
-		ret = THREAD_SET_STATE(R_DEBUG_STATE_T);
+		ret = THREAD_SET_STATE (R_DEBUG_STATE_T);
 #endif
 		if (ret != KERN_SUCCESS) {
 			eprintf ("debug_setregs: Failed to set thread \